A company named ‘UK security Watchdog, Which?’ recently released a report with some disturbing security ramifications.
Based on a survey of more than 6000 UK households, the company identified 13 different older routers that are still regularly being used today. Of those 13, nine were found to fall well short of meeting modern security standards.
Naturally, those older routers have not received security updates for quite some time. In some cases, that means their last update was back in 2018, with a few not having seen an update since 2016. Two years is bad enough, but four is almost an eternity in the world of tech.
The UK and US markets are broadly similar, so what’s true there is almost certainly also true here, even if the names of the specific routers change.
Of course, it’s worth mentioning that a significant percentage of users don’t set up their own home networks, but instead rent their equipment from their internet providers.
One would think that this would improve their security, as the company renting the equipment would take care to make sure that their customers got regular security updates. Unfortunately, that doesn’t happen as often as you might think. Even if it did, the simple fact is that most older equipment has weak, or completely nonexistent default passwords which make breaking into them a trivial undertaking, even with ongoing, regular security updates.
This, in fact, is one of the reasons why many manufacturers are moving toward simply eliminating default passwords from the equation. It’s a great idea, but it does nothing to help the tens of millions of users around the world who currently own and are actively using older, vulnerable equipment.
Sadly, there are no simple answers here. In a perfect world, every person who went online would do so with security at the forefront of their minds, but that will literally never happen. The best we can hope for is that each time we draw attention to the issue with articles like this, a few people will take heed.